Having a bit of a time getting an Orinoco AS-2000 to get an ip address
from the ippool module.. I authenticate just fine, it just falls through
the users file to the dial-up stuff before it gets a match... Here's some
info:
<users file>
DEFAULT NAS-IP-Address == 172.16.1.8, Auth-Type := Pam, Group ==
"wireless64", Pool-Name := "wireless64"
DEFAULT Auth-Type := Pam, Group == "wireless64", Pool-Name := "wireless64"
DEFAULT Group == "wireless128", Pool-Name := "wireless128"
DEFAULT Group == "wireless192", Pool-Name := "wireless192"
DEFAULT Group == "wireless256", Pool-Name := "wireless256"
DEFAULT Auth-Type := Pam, Huntgroup-Name == "wireless64", Pool-Name :=
"wireless64"
DEFAULT Huntgroup-Name == "wireless128", Pool-Name := "wireless128"
DEFAULT Huntgroup-Name == "wireless192", Pool-Name := "wireless192"
DEFAULT Huntgroup-Name == "wireless256", Pool-Name := "wireless256"
#DEFAULT Simultaneous-Use := 2
# Fall-Through = 1
#DEFAULT Auth-Type := Reject, Huntgroup-Name == "mail"
#DEFAULT Huntgroup-Name := "local", Pool-Name := "wireless64"
# Filter-Id = "locallan",
# Fall-Through = 1
#DEFAULT Auth-Type := Pam
# Service-Type = Framed-User,
# Framed-Protocol = PPP,
# Framed-IP-Address = 255.255.255.254,
# Framed-IP-Netmask = 255.255.255.255,
# Framed-Compression = Van-Jacobson-TCP-IP,
# Session-Timeout = 360000,
# Idle-Timeout = 900,
# Framed-MTU = 576
With the dialup stuff commented, I do not get authenticated.. As you can
see, I'm trying several different ways to get a hit...
<huntgroups>
pop1 NAS-IP-Address == 172.16.1.8
wireless64 Group = wireless64
wireless128 Group = wireless128
wireless192 Group = wireless192
wireless256 Group = wireless256
The user I'm testing with is in group wireless64 on the radius server. I
used something similar with Cistron to put people into groups that were
mail only (no Internet access), etc... Can't find any documentation that
says it works any differently now...
<radiusd.conf>
modules {
ippool wireless64 {
range-start = 64.123.115.131
range-stop = 64.123.115.143
netmask = 255.255.255.128
cache-size = 800
session-db = ${raddbdir}/db.wireless64
ip-index = ${raddbdir}/db.wireless64
}
ippool wireless128 {
range-start = 64.123.115.193
range-stop = 64.123.115.254
netmask = 255.255.255.128
cache-size = 800
session-db = ${raddbdir}/db.wireless128
ip-index = ${raddbdir}/db.wireless128
}
ippool wireless192 {
range-start = 64.123.115.149
range-stop = 64.123.115.160
netmask = 255.255.255.128
cache-size = 800
session-db = ${raddbdir}/db.wireless192
ip-index = ${raddbdir}/db.wireless192
}
ippool wireless256 {
range-start = 64.123.115.162
range-stop = 64.123.115.187
netmask = 255.255.255.128
cache-size = 800
session-db = ${raddbdir}/db.wireless256
ip-index = ${raddbdir}/db.wireless256
}
pam {
pam_auth = radiusd
}
files {
usersfile = ${confdir}/users
acctusersfile = ${confdir}/acct_users
compat = no
}
authorize {
preprocess
files
}
authenticate {
pam
}
accounting {
detail
radutmp
wireless64
wireless128
wireless192
wireless256
}
session {
radutmp
}
post-auth {
wireless64
wireless128
wireless192
wireless256
}
Any help appreciated...
---
Homer Parker
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
